I have cisco ACS 5.2 server which is integrated with Active directory .Now users are not able to login to one perticular device ,which was working fine for last 2 month .Authentication request are not coming to ACS .we didnt made any changes in ACS side .
For testing purpose we have configured the device with Cisco ACS 4.2 ,which is not integrated with AD then its working fine and user is able to login .
we have two servers ,one is primary (ACS1 )and other is secondary (ACS 2) ,which is replicating from primary .
In all network elements we configured ACS1 as primary and ACS2 as secondary .
I was able to ping that device from ACS 1 and user is able to ping ACS 1 from that device too ,after he logged in locally .
I have investigated the above issue in network level and understood that radius packets are not coming to ACS1 and it is going ACS2 , but at that time also we can not see any authentcation logs from this device in our primary/secondary server .even though user are contineously getting failed authentcation .
Now we have configured ACS2 as primary and ACS1 as secondary in that perticular device .and it start working .
I still can not understand the root cuase for the same ,even rest of the all devices in that NDG (Same location and same subnet ) is sending authencation request ACS1 and working fine .
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :